Posted: January 10th, 2010 | Author: Gregg | Filed under: Linux, Tech | Tags: forwarding, linux remote, remote, remote access, remote forwarding, root, ssh | 2 Comments »
There have been many situations that I would like to have remote access to a Linux server, but I don’t have administration rights to the network the server resides on.
A few situations I’ve run in to:
1. A friend has a server and wants you to take a quick look (but no ports forwarded)
2. Customer has a server that you need to look at, but no remote access
3. You are working locally on a server but need to leave and access it later from another location
1. You need to have a publicly accessible Linux server with an SSH account (please don’t use root for this!)
2. Add a dumb user that has shell access but nothing else, don’t run any applications as this user (used for SSH only)
So in the case where you are physically at the server and need to get to it later, type:
ssh -N -f -R 19999:localhost:22 firstname.lastname@example.org
The options make it so after you authenticate with the password the shell goes to the background.
184.108.40.206 needs to be replaced with your IP/Domain of the server you control
sshuser needs to be replaced with the dumb SSH user you setup earlier
Now when you get home, ssh to your 220.127.116.11 server. Then use the Remote forwarding to get back to the original server:
ssh -p19999 email@example.com
You should now be on your remote server.
If you want to kill the connection, on your public server type:
ps -ef | grep ssh
Then you can:
Remember when I said that you must create a dumb user earlier? This is in case you are in the situation where you must give the command to someone over email and have them execute it for you. That way you aren’t handing over root-level access to your server…ever.
Posted: February 26th, 2009 | Author: Gregg | Filed under: Linux, Tech | Tags: cracker, dont be hacked, encrypt, hacker, Linux, poison dns, public wifi, safe browsing, shell, ssh, ssh tunnel, tuennel web traffic, tunnel web browsing, windows | No Comments »
Whenever you are on a Public WiFi connection, you need to have your traffic encrypted so no one can snoop on what you are doing or poison your DNS/etc. Since every wireless packet is broadcast over the open-air, anyone can snoop in on your traffic. Unencrypted sessions can be captured and your precious passwords grabbed by the evil ‘Cracker’ (Cracker=Bad Hacker). I briefly discussed this in a previous post when I was in Japan, but it’s time to provide a detailed howto because too many people are getting taken advantage of.
A linux box that you have public access to and a valid username
Windows, Linux, or Mac as your OS for the client machine
1. Download PuTTY and save the .exe to your desktop
2. Make sure you have Firefox installed
3. Open PuTTY
4. Type in the address or hostname of your public Linux server that you have access to
5. Expand the +SSH option in the left-pane of the PuTTY program
6. Click on ‘Tunnels’
7. Type in 8888 for the Source port
8. Click on the ‘Dynamic’ radio button below
9. Click Add
10. Make sure it looks like my screenshot
11. Click on ‘Open’ and connect to your Linux server
12. Log in with your user and password
13. Once logged in, minimize your PuTTY Session and switch to Firefox
14. In Firefox: Click on ‘Tools’ at the top, then Options
15. Click on the Advanced tab
16. Click on the Network sub-tab
17. Click on Settings
18. Click the ‘Manual Proxy Configuration’ radio button
19. The line that says ‘SOCKS Host’ put ‘localhost’ and port ’8888′, SOCKS V5 below
20. Click OK
Now all of your TCP web traffic will run through the encrypted SSH tunnel to your Linux server, then go out to the internet. Lets take it one step further and have your DNS lookups sent through the tunnel too.
1. In the address bar, type: ‘about:config’ and hit enter (don’t include the ticks)
2. Hit OK, I know what I’m doing on the prompt
3. Search for DNS in the top field and click on the line that reads:
network.proxy.socks_remote_dns until it is set to ‘TRUE’
4. Type in ‘whatismyip.com’ in the address bar and see if it shows the IP of your Linux server’s Public IP and not the Public IP of the network you are currently on. If you really want to see the magic happening, open up wireshark and watch the packets go by as you browse the web. All SSH packets with the exception of UDP.
If you have any questions or help, leave a comment and I will assist.
Happy (Safe) Browsing!
Posted: November 14th, 2008 | Author: Gregg | Filed under: Linux, Tech | Tags: anonymous, encrypted, firefox, internet, Linux, proxy, ssh, traffic, tunneling, web browsing, wifi | No Comments »
So I am walking around Osaka Japan, not looking for food or shopping centers, but the INTERNET. Where can I find it?
If you’ve been reading http://gregginjapan.shutterfly.com you know that I have ‘broadband’ internet in my studio apartment. However, the internet is very slow and is comparable to 56k. The main difference is that ‘back in the day’ when I used 56k dial-up DNS didn’t take 45 seconds to respond to each request. After scanning a bit I noticed that my gateway at my mansion had some sort of QoS set for everyone’s packets.
Where did I find the real-unfiltered internet in Osaka you ask? Starbucks
Leave it to the American coffee giant to have free internet. I’m not sure if it was actually Starbucks access point, but it worked nonetheless. Once I associated with the AP I noticed that they gave me a 192 address. Eureeka! DNS address is the same as the DHCP server too.
I fired up Safari, and boom ‘page cannot be displayed’. I open up Apple’s terminal and ‘ping google.com’, no route to host. hmmm. I type ping 18.104.22.168 (only IP I remember from an old employer) and I get a reply. So now I know it is a DNS issue. How do I get an IP of a public DNS server without any name resolution you ask? SSH
I ssh to another IP that I know of for a VoIP system running CentOS, then SSH to my hostname of my house Linux server.
yum -y install lynx
Then run lynx and google public DNS servers, boom, good to go. Add them manually, and I am resolving websites and problems in no time.
If you want your traffic to be encrypted, setup SSH tunneling to a remote proxy (your remote Linux server).
-Open terminal(mac) or PuTTy (Windoz)
-Type ‘ssh -ND 9999 root@yourIPorHostname’
-Type your password when prompted
-Go to you firefox settings and set proxy to 127.0.0.1 port 9999
You’re good to go.